Learn how to configure Okta as a SAML-based identity provider.
Create a SAML Connection for a New App
- In Your application (like Kandji), navigate to the Settings page
- Click the Access tab
- Find the Authentication section and click the Add button on the bottom left of the authentication section (If that section does not appear, SSO is not enabled for your instance)
- In the Add SSO Connection pane, select the Custom SAML option
- Click Next
- Select Show Advanced Details
- Copy the Assertion Consumer Service URL and save it in a text document for later use
- Copy the Entity ID and save it too
Leave this browser tab open as you proceed with the instructions below
Now in Okta
- In a new browser tab, log in to your Okta tenant
- On the left-hand side, click the reveal triangle next to Applications
- Click Applications
Click Create App Integration
Select SAML 2.0 as the app integration type and click Next
- Enter an App name
- Upload an optional App logo
- Click Next
- In the Single sign on URL field, paste the Kandji Assertion Consumer Service URL that was copied earlier
- In the Audience URI (SP Entity ID) field, paste the Kandji Entity ID that was copied earlier
- Ensure that the Name ID format is set to Unspecified
- Ensure that the Application username is set to Okta username
- Ensure that the Update application username on is set to Create and update
- Select Next
- Select I’m an Okta customer adding an internal app
- Select This is an internal app that we have created
- Click Finish.
